osCommerce systems are currently being targeted by a mass hacking attack – online shop administrators need to act immediately. This article aims to help administrators to help themselves.
Most of the alerts regarding the mass infection of osCommerce shops merely recommend updating to the latest version, 2.3.1. Unfortunately, performing this upgrade is anything but trivial. In many cases it essentially boils down to setting up the whole shop again from scratch. Even the database format has changed, with the result that a dump of an old version can’t be used without substantial spadework.
All of which costs time, but with the danger acute, a rapid reaction is required. This short guide has been put together to help users to check whether their osCommerce system is vulnerable, to check whether they have been infected and to apply a workaround to provide at least temporary security.